Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DETECTION] KiwiSec ApkProtect #294

Open
apkunpacker opened this issue Apr 8, 2022 · 2 comments · May be fixed by #424
Open

[DETECTION] KiwiSec ApkProtect #294

apkunpacker opened this issue Apr 8, 2022 · 2 comments · May be fixed by #424
Assignees
@enovella
Labels
detection-issue Bad detection or no detection v2.1.5-bhusa

Comments

@apkunpacker
Copy link
Contributor

Link -
https://github.com/iKiwiSec/KiwiApkProtect

Sample -
https://virustotal.com/gui/file/d108652bd1b685765e3ada2b7376e3c3ff67f8162afcf8bad91e0aef79b7b08a

APKiD Scan -

$ apkid 'VMOS(内核尝鲜版)_1.1.6.apk'
[+] APKiD 2.1.3 :: from RedNaga :: rednaga.io
[*] VMOS(内核尝鲜版)_1.1.6.apk!lib/armeabi/libKwProtectSDK.so
 |-> packer : UPX (unknown, modified)
[*] VMOS(内核尝鲜版)_1.1.6.apk!lib/armeabi-v7a/libKwProtectSDK.so
 |-> packer : UPX (unknown, modified)
[*] VMOS(内核尝鲜版)_1.1.6.apk!classes.dex
 |-> anti_vm : Build.BOARD check, Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, SIM operator check, network operator name check, possible Build.SERIAL check, ro.build.type check, ro.kernel.qemu check, subscriber ID check
 |-> compiler : dexlib 2.x
@apkunpacker apkunpacker added the detection-issue Bad detection or no detection label Apr 8, 2022
@enovella enovella self-assigned this Sep 24, 2022
@enovella
Copy link
Collaborator

@apkunpacker I dont have a valid VT license, would you mind sharing the sample over here via ZIP file?
Thanks,
Edu

@enovella
Copy link
Collaborator

Link: https://transfer.sh/Kf6uEW/VMOS_Kernel_1.1.6.apk

AbhiTheModder added a commit to AbhiTheModder/APKiD that referenced this issue Nov 20, 2024
@AbhiTheModder
Add rule for kiwisec
541a02d 
Closes
[DETECTION] Chinese protectors and packers rednaga#389
[DETECTION] KiwiSec ApkProtect rednaga#294
[DETECTION] Detect KiwiSec VM-based protector rednaga#234
@AbhiTheModder AbhiTheModder linked a pull request Nov 20, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@enovella enovella

Labels
detection-issue Bad detection or no detection v2.1.5-bhusa
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add rule for kiwisec AbhiTheModder/APKiD
2 participants
@enovella @apkunpacker